XenU deployment and configuration guide

Installation and deployment guide

Preparation

  • Download the image here
  • Configure the virtual machine with the following parameters:
    • Volume size: 3GB
    • RAM: 128 MB
    • Name: base
  vmcreate --size 3G --file base_image.tgz --mem 128 --ip 192.168.69.21 base
  • Boot the virtual machine:
  xm create -c /etc/xen/auto/base
  • Log in as root using the password: passwd.root and change the default password

Machine configuration

There are two configuration options available:
  • Centralized configuration: if the machine is going to be integrated in a ModularIT management structure
  • Local configuration: if the machine is not going to be integrated in a ModularIT management structure

Centralized configuration

On the Puppet server

  • Define the parameters for the service being installed
  • Create the entry of the ModularIT machine being installed:
  node "devel.base" inherits "devel" {
        # First installation?
        $bootstrap = yes

        $modularit_name = "devel.base" 
        $comment = "Development Base" 
        include modularit 
  }

Client configuration (The machine being installed)

  • puppetd is restarted in debug mode to ensure that it updates correctly:
  /etc/init.d/puppet stop
  puppetd --debug --no-daemonize --runinterval 60 --fqdn MODULARIT_NAME --server PUPPET_SERVER
  • The parameters MODULARIT_NAME and PUPPET_SERVER will be provided by the service manager (register with the mailing list if you have questions regarding this)
  • Restart puppetd as a service after it has completed several cycles without generating errors:
  /etc/init.d/puppet restart
  • PIFIA should be executed to ensure that notifications to Nagios are functioning correctly:
  /var/lib/pica/bin/scheduler Emergency
  /var/lib/pica/bin/scheduler Warning
  • Ensure that all Nagios alerts respond with status OK. At this point critical AIDE alerts are normal.

Local configuration

The following installation mode is needed when the machine is not integrated in a centralized ModularIT management structure:

  • Go to the /opt directory
  • Download the ModularIT configuration tree:
  links --source "http://git.modularit.org/?p=modularit.git;a=snapshot;h=HEAD;sf=tgz" | tar xvzf -
  • This will create the /opt/modularit directory
  • If /etc/puppet/modules/modularit doesn't exist, create it:
  mkdir -p /etc/puppet/modules
  ln -s /opt/modularit/Puppet/modularit /etc/puppet/modules/
  • Edit the file /opt/modularit/Puppet/offline/variables.pp and modify it so that the correct configuration is used. This file will be common to all ModularIT installations. Remember the LDAP service is mandatory in a ModularIT configuration.
  • Edit the file /opt/modularit/Puppet/offline/offline.pp to reflect the name and type of the ModularIT machine. The file will be different for each machine (the name and type of machine are always different).
  • Once the configuration has been completed, execute puppet in off-line mode:
  puppet --debug /opt/modularit/Puppet/offline/offline.pp
  • The process should finish without errors
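
The download step above pipes an HTTP response straight into tar as root. As an added example (not part of the original guide or of the ModularIT project), the script below stages the snapshot in a file, compares it with a SHA-256 digest, and checks that every archive member stays inside modularit/ before extracting. The digest argument and the helper names are assumptions: the guide publishes no checksum, so the value has to be obtained out of band, for instance from the service manager.

```shell
#!/bin/sh
# Added example: stage the ModularIT snapshot, check it, then unpack it.
# The expected digest is NOT on the page; pass the value you obtained
# out of band as the only argument.
URL='http://git.modularit.org/?p=modularit.git;a=snapshot;h=HEAD;sf=tgz'

# Succeeds only if file $1 has SHA-256 digest $2 (hex, any case).
verify_sha256() {
    actual=$(sha256sum "$1" | cut -d' ' -f1) || return 1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# Reads archive member names on stdin (one per line, e.g. from `tar tzf`).
# Fails if any name is absolute, has a ".." component, or lies outside
# the modularit/ tree that the guide says the snapshot creates.
members_ok() {
    seen=0
    while IFS= read -r name; do
        seen=1
        case "$name" in
            /*|..|../*|*/..|*/../*) return 1 ;;
            modularit|modularit/*) ;;
            *) return 1 ;;
        esac
    done
    [ "$seen" -eq 1 ]   # an empty or unreadable listing also fails
}

# Download to a file, verify, and only then extract under /opt.
# $1 = expected digest. Hypothetical helper, run as root on the new machine.
fetch_modularit() {
    tmp=$(mktemp) || return 1
    links --source "$URL" > "$tmp" &&
        verify_sha256 "$tmp" "$1" &&
        tar tzf "$tmp" | members_ok &&
        tar xzf "$tmp" -C /opt --no-same-owner
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Runs only when a digest is passed: sh fetch-modularit.sh EXPECTED_SHA256
if [ "$#" -eq 1 ]; then
    fetch_modularit "$1" || { echo "snapshot rejected" >&2; exit 1; }
fi
```

If the script exits non-zero, treat the snapshot as untrusted and do not run puppet against /opt/modularit.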

Service preparation

  • Execute the modularit service initialization script.
  modularit-SERVICE-init.rb
  • Where SERVICE is the service being installed
  • This script does different initialization tasks, depending on the service. This script should only be run once, because it initializes the service and may remove data!!

Initializing AIDE

Once everything is functioning correctly, initialize the AIDE databases as described in the AIDE